Merge pull request #501 from crazy-max/new-inputs

add `cgroup-parent`, `shm-size`, `ulimit` inputs
This commit is contained in:
CrazyMax 2021-11-17 08:21:46 +01:00 committed by GitHub
commit 9ed5823618
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 273 additions and 129 deletions

View File

@ -336,6 +336,86 @@ jobs:
if: always() if: always()
uses: crazy-max/ghaction-dump-context@v1 uses: crazy-max/ghaction-dump-context@v1
shm-size:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
version: v0.7.0
driver-opts: |
image=moby/buildkit:master
-
name: Build
uses: ./
with:
context: ./test
file: ./test/shmsize.Dockerfile
tags: name/app:latest
shm-size: 2g
-
name: Dump context
if: always()
uses: crazy-max/ghaction-dump-context@v1
ulimit:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
version: v0.7.0
driver-opts: |
image=moby/buildkit:master
-
name: Build
uses: ./
with:
context: ./test
file: ./test/ulimit.Dockerfile
tags: name/app:latest
ulimit: |
nofile=1024:1024
nproc=3
-
name: Dump context
if: always()
uses: crazy-max/ghaction-dump-context@v1
cgroup-parent:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
version: v0.7.0
driver-opts: |
image=moby/buildkit:master
-
name: Build
uses: ./
with:
context: ./test
file: ./test/cgroup.Dockerfile
tags: name/app:latest
cgroup-parent: foo
-
name: Dump context
if: always()
uses: crazy-max/ghaction-dump-context@v1
multi: multi:
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:

View File

@ -3,7 +3,7 @@ name: e2e
on: on:
workflow_dispatch: workflow_dispatch:
schedule: schedule:
- cron: '0 10 * * *' # everyday at 10am - cron: '0 10 * * *'
push: push:
branches: branches:
- master - master

View File

@ -1,9 +1,9 @@
# This workflow is provided just as an usage example and not for repo testing/verification # This workflow is provided just as an example and not for repo testing/verification
name: example name: example
on: on:
schedule: schedule:
- cron: '0 10 * * 0' # everyday sunday at 10am - cron: '0 10 * * 0'
push: push:
branches: branches:
- '**' - '**'

View File

@ -3,7 +3,7 @@ name: virtual-env
on: on:
workflow_dispatch: workflow_dispatch:
schedule: schedule:
- cron: '0 10 * * *' # everyday at 10am - cron: '0 10 * * *'
jobs: jobs:
os: os:

View File

@ -181,11 +181,12 @@ Following inputs can be used as `step.with` keys
| Name | Type | Description | | Name | Type | Description |
|---------------------|----------|------------------------------------| |---------------------|----------|------------------------------------|
| `allow` | List/CSV | List of [extra privileged entitlement](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#allow) (eg. `network.host,security.insecure`) | | `allow` | List/CSV | List of [extra privileged entitlement](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#allow) (e.g., `network.host,security.insecure`) |
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) | | `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `build-args` | List | List of build-time variables | | `build-args` | List | List of build-time variables |
| `cache-from` | List | List of [external cache sources](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) (eg. `type=local,src=path/to/dir`) | | `cache-from` | List | List of [external cache sources](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) (e.g., `type=local,src=path/to/dir`) |
| `cache-to` | List | List of [cache export destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-to) (eg. `type=local,dest=path/to/dir`) | | `cache-to` | List | List of [cache export destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-to) (e.g., `type=local,dest=path/to/dir`) |
| `cgroup-parent` | String | Optional [parent cgroup](https://docs.docker.com/engine/reference/commandline/build/#use-a-custom-parent-cgroup---cgroup-parent) for the container used in the build |
| `context` | String | Build's context is the set of files located in the specified [`PATH` or `URL`](https://docs.docker.com/engine/reference/commandline/build/) (default [Git context](#git-context)) | | `context` | String | Build's context is the set of files located in the specified [`PATH` or `URL`](https://docs.docker.com/engine/reference/commandline/build/) (default [Git context](#git-context)) |
| `file` | String | Path to the Dockerfile. (default `{context}/Dockerfile`) | | `file` | String | Path to the Dockerfile. (default `{context}/Dockerfile`) |
| `labels` | List | List of metadata for an image | | `labels` | List | List of metadata for an image |
@ -196,11 +197,13 @@ Following inputs can be used as `step.with` keys
| `platforms` | List/CSV | List of [target platforms](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#platform) for build | | `platforms` | List/CSV | List of [target platforms](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#platform) for build |
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) | | `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) |
| `push` | Bool | [Push](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#push) is a shorthand for `--output=type=registry` (default `false`) | | `push` | Bool | [Push](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#push) is a shorthand for `--output=type=registry` (default `false`) |
| `secrets` | List | List of secrets to expose to the build (eg. `key=string`, `GIT_AUTH_TOKEN=mytoken`) | | `secrets` | List | List of secrets to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`) |
| `secret-files` | List | List of secret files to expose to the build (eg. `key=filename`, `MY_SECRET=./secret.txt`) | | `secret-files` | List | List of secret files to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`) |
| `shm-size` | String | Size of [`/dev/shm`](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-size-of-devshm---shm-size) (e.g., `2g`) |
| `ssh` | List | List of SSH agent socket or keys to expose to the build | | `ssh` | List | List of SSH agent socket or keys to expose to the build |
| `tags` | List/CSV | List of tags | | `tags` | List/CSV | List of tags |
| `target` | String | Sets the target stage to build | | `target` | String | Sets the target stage to build |
| `ulimit` | List | [Ulimit](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-set-ulimits---ulimit) options (e.g., `nofile=1024:1024`) |
### outputs ### outputs

View File

@ -28,10 +28,8 @@ jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
describe('getImageID', () => { describe('getImageID', () => {
it('matches', async () => { it('matches', async () => {
const imageIDFile = await buildx.getImageIDFile(); const imageIDFile = await buildx.getImageIDFile();
console.log(`imageIDFile: ${imageIDFile}`);
await fs.writeFileSync(imageIDFile, digest); await fs.writeFileSync(imageIDFile, digest);
const imageID = await buildx.getImageID(); const imageID = await buildx.getImageID();
console.log(`imageID: ${imageID}`);
expect(imageID).toEqual(digest); expect(imageID).toEqual(digest);
}); });
}); });
@ -39,10 +37,8 @@ describe('getImageID', () => {
describe('getMetadata', () => { describe('getMetadata', () => {
it('matches', async () => { it('matches', async () => {
const metadataFile = await buildx.getMetadataFile(); const metadataFile = await buildx.getMetadataFile();
console.log(`metadataFile: ${metadataFile}`);
await fs.writeFileSync(metadataFile, metadata); await fs.writeFileSync(metadataFile, metadata);
const expected = await buildx.getMetadata(); const expected = await buildx.getMetadata();
console.log(`metadata: ${expected}`);
expect(expected).toEqual(metadata); expect(expected).toEqual(metadata);
}); });
}); });
@ -132,7 +128,6 @@ describe('getVersion', () => {
'valid', 'valid',
async () => { async () => {
const version = await buildx.getVersion(); const version = await buildx.getVersion();
console.log(`version: ${version}`);
expect(semver.valid(version)).not.toBeNull(); expect(semver.valid(version)).not.toBeNull();
}, },
100000 100000
@ -179,10 +174,8 @@ describe('getSecret', () => {
secret = await buildx.getSecretString(kvp); secret = await buildx.getSecretString(kvp);
} }
expect(true).toBe(!invalid); expect(true).toBe(!invalid);
console.log(`secret: ${secret}`);
expect(secret).toEqual(`id=${exKey},src=${tmpNameSync}`); expect(secret).toEqual(`id=${exKey},src=${tmpNameSync}`);
const secretValue = await fs.readFileSync(tmpNameSync, 'utf-8'); const secretValue = await fs.readFileSync(tmpNameSync, 'utf-8');
console.log(`secretValue: ${secretValue}`);
expect(secretValue).toEqual(exValue); expect(secretValue).toEqual(exValue);
} catch (err) { } catch (err) {
expect(true).toBe(invalid); expect(true).toBe(invalid);

View File

@ -140,13 +140,14 @@ describe('getArgs', () => {
// prettier-ignore // prettier-ignore
test.each([ test.each([
[ [
0,
'0.4.1', '0.4.1',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -156,13 +157,14 @@ describe('getArgs', () => {
] ]
], ],
[ [
1,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['build-args', 'MY_ARG=val1,val2,val3\nARG=val'], ['build-args', 'MY_ARG=val1,val2,val3\nARG=val'],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -174,24 +176,26 @@ describe('getArgs', () => {
] ]
], ],
[ [
2,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['tags', 'name/app:7.4, name/app:latest'], ['tags', 'name/app:7.4, name/app:latest'],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
'build', 'build',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--tag', 'name/app:7.4', '--tag', 'name/app:7.4',
'--tag', 'name/app:latest', '--tag', 'name/app:latest',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'https://github.com/docker/build-push-action.git#refs/heads/test-jest' 'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
] ]
], ],
[ [
3,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
@ -200,7 +204,7 @@ describe('getArgs', () => {
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -212,6 +216,7 @@ describe('getArgs', () => {
] ]
], ],
[ [
4,
'0.4.1', '0.4.1',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
@ -219,7 +224,7 @@ describe('getArgs', () => {
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -229,13 +234,14 @@ describe('getArgs', () => {
] ]
], ],
[ [
5,
'0.4.1', '0.4.1',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -245,6 +251,7 @@ describe('getArgs', () => {
] ]
], ],
[ [
6,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
@ -252,7 +259,7 @@ describe('getArgs', () => {
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -263,6 +270,7 @@ describe('getArgs', () => {
] ]
], ],
[ [
7,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['github-token', 'abcdefghijklmno0123456789'], ['github-token', 'abcdefghijklmno0123456789'],
@ -270,7 +278,7 @@ describe('getArgs', () => {
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -281,6 +289,7 @@ describe('getArgs', () => {
] ]
], ],
[ [
8,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'], ['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'],
@ -292,21 +301,22 @@ describe('getArgs', () => {
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'true'], ['push', 'true'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
'build', 'build',
'--platform', 'linux/amd64,linux/arm64',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--file', './test/Dockerfile', '--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--platform', 'linux/amd64,linux/arm64',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--builder', 'builder-git-context-2', '--builder', 'builder-git-context-2',
'--push', '--push',
'https://github.com/docker/build-push-action.git#refs/heads/master' 'https://github.com/docker/build-push-action.git#refs/heads/master'
] ]
], ],
[ [
9,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'], ['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'],
@ -326,24 +336,25 @@ ccc"`],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'true'], ['push', 'true'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
'build', 'build',
'--platform', 'linux/amd64,linux/arm64', '--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile', '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--platform', 'linux/amd64,linux/arm64',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--file', './test/Dockerfile',
'--builder', 'builder-git-context-2', '--builder', 'builder-git-context-2',
'--push', '--push',
'https://github.com/docker/build-push-action.git#refs/heads/master' 'https://github.com/docker/build-push-action.git#refs/heads/master'
] ]
], ],
[ [
10,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'], ['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'],
@ -363,24 +374,25 @@ ccc`],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'true'], ['push', 'true'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
'build', 'build',
'--platform', 'linux/amd64,linux/arm64', '--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile', '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--platform', 'linux/amd64,linux/arm64',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--file', './test/Dockerfile',
'--builder', 'builder-git-context-2', '--builder', 'builder-git-context-2',
'--push', '--push',
'https://github.com/docker/build-push-action.git#refs/heads/master' 'https://github.com/docker/build-push-action.git#refs/heads/master'
] ]
], ],
[ [
11,
'0.5.1', '0.5.1',
new Map<string, string>([ new Map<string, string>([
['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'], ['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'],
@ -392,14 +404,14 @@ ccc`],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'true'], ['push', 'true'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
'build', 'build',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile', '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--secret', 'id=MY_SECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest', '--secret', 'id=MY_SECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--file', './test/Dockerfile',
'--builder', 'builder-git-context-2', '--builder', 'builder-git-context-2',
'--network', 'host', '--network', 'host',
'--push', '--push',
@ -407,6 +419,7 @@ ccc`],
] ]
], ],
[ [
12,
'0.4.2', '0.4.2',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
@ -415,7 +428,7 @@ ccc`],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'false'], ['push', 'false'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
@ -427,6 +440,7 @@ ccc`],
] ]
], ],
[ [
13,
'0.6.0', '0.6.0',
new Map<string, string>([ new Map<string, string>([
['context', '.'], ['context', '.'],
@ -436,30 +450,56 @@ ccc`],
['load', 'false'], ['load', 'false'],
['no-cache', 'false'], ['no-cache', 'false'],
['push', 'true'], ['push', 'true'],
['pull', 'false'] ['pull', 'false'],
]), ]),
[ [
'buildx', 'buildx',
'build', 'build',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile', '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--metadata-file', '/tmp/.docker-build-push-jest/metadata-file', '--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
'--file', './test/Dockerfile',
'--network', 'host', '--network', 'host',
'--push', '--push',
'.' '.'
] ]
], ],
[
14,
'0.7.0',
new Map<string, string>([
['context', '.'],
['file', './test/Dockerfile'],
['cgroup-parent', 'foo'],
['shm-size', '2g'],
['ulimit', `nofile=1024:1024
nproc=3`],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
]),
[
'buildx',
'build',
'--cgroup-parent', 'foo',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--shm-size', '2g',
'--ulimit', 'nofile=1024:1024',
'--ulimit', 'nproc=3',
'--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
'.'
]
],
])( ])(
'given %p with %p as inputs, returns %p', '[%d] given %p with %p as inputs, returns %p',
async (buildxVersion: string, inputs: Map<string, any>, expected: Array<string>) => { async (num: number, buildxVersion: string, inputs: Map<string, any>, expected: Array<string>) => {
await inputs.forEach((value: string, name: string) => { await inputs.forEach((value: string, name: string) => {
setInput(name, value); setInput(name, value);
}); });
const defContext = context.defaultContext(); const defContext = context.defaultContext();
const inp = await context.getInputs(defContext); const inp = await context.getInputs(defContext);
console.log(inp);
const res = await context.getArgs(inp, defContext, buildxVersion); const res = await context.getArgs(inp, defContext, buildxVersion);
console.log(res);
expect(res).toEqual(expected); expect(res).toEqual(expected);
} }
); );
@ -469,63 +509,54 @@ describe('getInputList', () => {
it('single line correctly', async () => { it('single line correctly', async () => {
await setInput('foo', 'bar'); await setInput('foo', 'bar');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar']); expect(res).toEqual(['bar']);
}); });
it('multiline correctly', async () => { it('multiline correctly', async () => {
setInput('foo', 'bar\nbaz'); setInput('foo', 'bar\nbaz');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar', 'baz']); expect(res).toEqual(['bar', 'baz']);
}); });
it('empty lines correctly', async () => { it('empty lines correctly', async () => {
setInput('foo', 'bar\n\nbaz'); setInput('foo', 'bar\n\nbaz');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar', 'baz']); expect(res).toEqual(['bar', 'baz']);
}); });
it('comma correctly', async () => { it('comma correctly', async () => {
setInput('foo', 'bar,baz'); setInput('foo', 'bar,baz');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar', 'baz']); expect(res).toEqual(['bar', 'baz']);
}); });
it('empty result correctly', async () => { it('empty result correctly', async () => {
setInput('foo', 'bar,baz,'); setInput('foo', 'bar,baz,');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar', 'baz']); expect(res).toEqual(['bar', 'baz']);
}); });
it('different new lines correctly', async () => { it('different new lines correctly', async () => {
setInput('foo', 'bar\r\nbaz'); setInput('foo', 'bar\r\nbaz');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar', 'baz']); expect(res).toEqual(['bar', 'baz']);
}); });
it('different new lines and comma correctly', async () => { it('different new lines and comma correctly', async () => {
setInput('foo', 'bar\r\nbaz,bat'); setInput('foo', 'bar\r\nbaz,bat');
const res = await context.getInputList('foo'); const res = await context.getInputList('foo');
console.log(res);
expect(res).toEqual(['bar', 'baz', 'bat']); expect(res).toEqual(['bar', 'baz', 'bat']);
}); });
it('multiline and ignoring comma correctly', async () => { it('multiline and ignoring comma correctly', async () => {
setInput('cache-from', 'user/app:cache\ntype=local,src=path/to/dir'); setInput('cache-from', 'user/app:cache\ntype=local,src=path/to/dir');
const res = await context.getInputList('cache-from', true); const res = await context.getInputList('cache-from', true);
console.log(res);
expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']); expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
}); });
it('different new lines and ignoring comma correctly', async () => { it('different new lines and ignoring comma correctly', async () => {
setInput('cache-from', 'user/app:cache\r\ntype=local,src=path/to/dir'); setInput('cache-from', 'user/app:cache\r\ntype=local,src=path/to/dir');
const res = await context.getInputList('cache-from', true); const res = await context.getInputList('cache-from', true);
console.log(res);
expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']); expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
}); });
@ -539,7 +570,6 @@ ccccccccc"
FOO=bar` FOO=bar`
); );
const res = await context.getInputList('secrets', true); const res = await context.getInputList('secrets', true);
console.log(res);
expect(res).toEqual([ expect(res).toEqual([
'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
`MYSECRET=aaaaaaaa `MYSECRET=aaaaaaaa
@ -563,7 +593,6 @@ bbbb
ccc"` ccc"`
); );
const res = await context.getInputList('secrets', true); const res = await context.getInputList('secrets', true);
console.log(res);
expect(res).toEqual([ expect(res).toEqual([
'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
`MYSECRET=aaaaaaaa `MYSECRET=aaaaaaaa
@ -587,7 +616,6 @@ ccccccccc
FOO=bar` FOO=bar`
); );
const res = await context.getInputList('secrets', true); const res = await context.getInputList('secrets', true);
console.log(res);
expect(res).toEqual(['GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'MYSECRET=aaaaaaaa', 'bbbbbbb', 'ccccccccc', 'FOO=bar']); expect(res).toEqual(['GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'MYSECRET=aaaaaaaa', 'bbbbbbb', 'ccccccccc', 'FOO=bar']);
}); });
@ -598,7 +626,6 @@ FOO=bar`
FOO=bar` FOO=bar`
); );
const res = await context.getInputList('secrets', true); const res = await context.getInputList('secrets', true);
console.log(res);
expect(res).toEqual([`GPG_KEY=${pgp}`, 'FOO=bar']); expect(res).toEqual([`GPG_KEY=${pgp}`, 'FOO=bar']);
}); });
@ -612,7 +639,6 @@ ccccccccc"
FOO=bar` FOO=bar`
); );
const res = await context.getInputList('secrets', true); const res = await context.getInputList('secrets', true);
console.log(res);
expect(res).toEqual([ expect(res).toEqual([
'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
`MYSECRET=aaaaaaaa `MYSECRET=aaaaaaaa

View File

@ -8,7 +8,7 @@ branding:
inputs: inputs:
allow: allow:
description: "List of extra privileged entitlement (eg. network.host,security.insecure)" description: "List of extra privileged entitlement (e.g., network.host,security.insecure)"
required: false required: false
build-args: build-args:
description: "List of build-time variables" description: "List of build-time variables"
@ -17,10 +17,13 @@ inputs:
description: "Builder instance" description: "Builder instance"
required: false required: false
cache-from: cache-from:
description: "List of external cache sources for buildx (eg. user/app:cache, type=local,src=path/to/dir)" description: "List of external cache sources for buildx (e.g., user/app:cache, type=local,src=path/to/dir)"
required: false required: false
cache-to: cache-to:
description: "List of cache export destinations for buildx (eg. user/app:cache, type=local,dest=path/to/dir)" description: "List of cache export destinations for buildx (e.g., user/app:cache, type=local,dest=path/to/dir)"
required: false
cgroup-parent:
description: "Optional parent cgroup for the container used in the build"
required: false required: false
context: context:
description: "Build's context is the set of files located in the specified PATH or URL" description: "Build's context is the set of files located in the specified PATH or URL"
@ -57,10 +60,13 @@ inputs:
required: false required: false
default: 'false' default: 'false'
secrets: secrets:
description: "List of secrets to expose to the build (eg. key=string, GIT_AUTH_TOKEN=mytoken)" description: "List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)"
required: false required: false
secret-files: secret-files:
description: "List of secret files to expose to the build (eg. key=filename, MY_SECRET=./secret.txt)" description: "List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt)"
required: false
shm-size:
description: "Size of /dev/shm (e.g., 2g)"
required: false required: false
ssh: ssh:
description: "List of SSH agent socket or keys to expose to the build" description: "List of SSH agent socket or keys to expose to the build"
@ -71,6 +77,9 @@ inputs:
target: target:
description: "Sets the target stage to build" description: "Sets the target stage to build"
required: false required: false
ulimit:
description: "Ulimit options (e.g., nofile=1024:1024)"
required: false
github-token: github-token:
description: "GitHub Token used to authenticate against a repository for Git context" description: "GitHub Token used to authenticate against a repository for Git context"
default: ${{ github.token }} default: ${{ github.token }}

78
dist/index.js generated vendored
View File

@ -274,6 +274,7 @@ function getInputs(defaultContext) {
builder: core.getInput('builder'), builder: core.getInput('builder'),
cacheFrom: yield getInputList('cache-from', true), cacheFrom: yield getInputList('cache-from', true),
cacheTo: yield getInputList('cache-to', true), cacheTo: yield getInputList('cache-to', true),
cgroupParent: core.getInput('cgroup-parent'),
context: core.getInput('context') || defaultContext, context: core.getInput('context') || defaultContext,
file: core.getInput('file'), file: core.getInput('file'),
labels: yield getInputList('labels', true), labels: yield getInputList('labels', true),
@ -286,9 +287,11 @@ function getInputs(defaultContext) {
push: core.getBooleanInput('push'), push: core.getBooleanInput('push'),
secrets: yield getInputList('secrets', true), secrets: yield getInputList('secrets', true),
secretFiles: yield getInputList('secret-files', true), secretFiles: yield getInputList('secret-files', true),
shmSize: core.getInput('shm-size'),
ssh: yield getInputList('ssh'), ssh: yield getInputList('ssh'),
tags: yield getInputList('tags'), tags: yield getInputList('tags'),
target: core.getInput('target'), target: core.getInput('target'),
ulimit: yield getInputList('ulimit', true),
githubToken: core.getInput('github-token') githubToken: core.getInput('github-token')
}; };
}); });
@ -298,7 +301,7 @@ function getArgs(inputs, defaultContext, buildxVersion) {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
let args = ['buildx']; let args = ['buildx'];
args.push.apply(args, yield getBuildArgs(inputs, defaultContext, buildxVersion)); args.push.apply(args, yield getBuildArgs(inputs, defaultContext, buildxVersion));
args.push.apply(args, yield getCommonArgs(inputs)); args.push.apply(args, yield getCommonArgs(inputs, buildxVersion));
args.push(inputs.context); args.push(inputs.context);
return args; return args;
}); });
@ -307,39 +310,36 @@ exports.getArgs = getArgs;
function getBuildArgs(inputs, defaultContext, buildxVersion) { function getBuildArgs(inputs, defaultContext, buildxVersion) {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
let args = ['build']; let args = ['build'];
yield exports.asyncForEach(inputs.buildArgs, (buildArg) => __awaiter(this, void 0, void 0, function* () {
args.push('--build-arg', buildArg);
}));
yield exports.asyncForEach(inputs.labels, (label) => __awaiter(this, void 0, void 0, function* () {
args.push('--label', label);
}));
yield exports.asyncForEach(inputs.tags, (tag) => __awaiter(this, void 0, void 0, function* () {
args.push('--tag', tag);
}));
if (inputs.target) {
args.push('--target', inputs.target);
}
if (inputs.allow.length > 0) { if (inputs.allow.length > 0) {
args.push('--allow', inputs.allow.join(',')); args.push('--allow', inputs.allow.join(','));
} }
if (inputs.platforms.length > 0) { yield exports.asyncForEach(inputs.buildArgs, (buildArg) => __awaiter(this, void 0, void 0, function* () {
args.push('--platform', inputs.platforms.join(',')); args.push('--build-arg', buildArg);
}
yield exports.asyncForEach(inputs.outputs, (output) => __awaiter(this, void 0, void 0, function* () {
args.push('--output', output);
})); }));
if (!buildx.isLocalOrTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || buildx.satisfies(buildxVersion, '>=0.4.2'))) {
args.push('--iidfile', yield buildx.getImageIDFile());
}
if (buildx.satisfies(buildxVersion, '>=0.6.0')) {
args.push('--metadata-file', yield buildx.getMetadataFile());
}
yield exports.asyncForEach(inputs.cacheFrom, (cacheFrom) => __awaiter(this, void 0, void 0, function* () { yield exports.asyncForEach(inputs.cacheFrom, (cacheFrom) => __awaiter(this, void 0, void 0, function* () {
args.push('--cache-from', cacheFrom); args.push('--cache-from', cacheFrom);
})); }));
yield exports.asyncForEach(inputs.cacheTo, (cacheTo) => __awaiter(this, void 0, void 0, function* () { yield exports.asyncForEach(inputs.cacheTo, (cacheTo) => __awaiter(this, void 0, void 0, function* () {
args.push('--cache-to', cacheTo); args.push('--cache-to', cacheTo);
})); }));
if (inputs.cgroupParent) {
args.push('--cgroup-parent', inputs.cgroupParent);
}
if (inputs.file) {
args.push('--file', inputs.file);
}
if (!buildx.isLocalOrTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || buildx.satisfies(buildxVersion, '>=0.4.2'))) {
args.push('--iidfile', yield buildx.getImageIDFile());
}
yield exports.asyncForEach(inputs.labels, (label) => __awaiter(this, void 0, void 0, function* () {
args.push('--label', label);
}));
yield exports.asyncForEach(inputs.outputs, (output) => __awaiter(this, void 0, void 0, function* () {
args.push('--output', output);
}));
if (inputs.platforms.length > 0) {
args.push('--platform', inputs.platforms.join(','));
}
yield exports.asyncForEach(inputs.secrets, (secret) => __awaiter(this, void 0, void 0, function* () { yield exports.asyncForEach(inputs.secrets, (secret) => __awaiter(this, void 0, void 0, function* () {
try { try {
args.push('--secret', yield buildx.getSecretString(secret)); args.push('--secret', yield buildx.getSecretString(secret));
@ -359,33 +359,45 @@ function getBuildArgs(inputs, defaultContext, buildxVersion) {
if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) { if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) {
args.push('--secret', yield buildx.getSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`)); args.push('--secret', yield buildx.getSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
} }
if (inputs.shmSize) {
args.push('--shm-size', inputs.shmSize);
}
yield exports.asyncForEach(inputs.ssh, (ssh) => __awaiter(this, void 0, void 0, function* () { yield exports.asyncForEach(inputs.ssh, (ssh) => __awaiter(this, void 0, void 0, function* () {
args.push('--ssh', ssh); args.push('--ssh', ssh);
})); }));
if (inputs.file) { yield exports.asyncForEach(inputs.tags, (tag) => __awaiter(this, void 0, void 0, function* () {
args.push('--file', inputs.file); args.push('--tag', tag);
}));
if (inputs.target) {
args.push('--target', inputs.target);
} }
yield exports.asyncForEach(inputs.ulimit, (ulimit) => __awaiter(this, void 0, void 0, function* () {
args.push('--ulimit', ulimit);
}));
return args; return args;
}); });
} }
function getCommonArgs(inputs) { function getCommonArgs(inputs, buildxVersion) {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
let args = []; let args = [];
if (inputs.noCache) {
args.push('--no-cache');
}
if (inputs.builder) { if (inputs.builder) {
args.push('--builder', inputs.builder); args.push('--builder', inputs.builder);
} }
if (inputs.pull) {
args.push('--pull');
}
if (inputs.load) { if (inputs.load) {
args.push('--load'); args.push('--load');
} }
if (buildx.satisfies(buildxVersion, '>=0.6.0')) {
args.push('--metadata-file', yield buildx.getMetadataFile());
}
if (inputs.network) { if (inputs.network) {
args.push('--network', inputs.network); args.push('--network', inputs.network);
} }
if (inputs.noCache) {
args.push('--no-cache');
}
if (inputs.pull) {
args.push('--pull');
}
if (inputs.push) { if (inputs.push) {
args.push('--push'); args.push('--push');
} }

View File

@ -18,6 +18,7 @@ export interface Inputs {
builder: string; builder: string;
cacheFrom: string[]; cacheFrom: string[];
cacheTo: string[]; cacheTo: string[];
cgroupParent: string;
context: string; context: string;
file: string; file: string;
labels: string[]; labels: string[];
@ -30,9 +31,11 @@ export interface Inputs {
push: boolean; push: boolean;
secrets: string[]; secrets: string[];
secretFiles: string[]; secretFiles: string[];
shmSize: string;
ssh: string[]; ssh: string[];
tags: string[]; tags: string[];
target: string; target: string;
ulimit: string[];
githubToken: string; githubToken: string;
} }
@ -68,6 +71,7 @@ export async function getInputs(defaultContext: string): Promise<Inputs> {
builder: core.getInput('builder'), builder: core.getInput('builder'),
cacheFrom: await getInputList('cache-from', true), cacheFrom: await getInputList('cache-from', true),
cacheTo: await getInputList('cache-to', true), cacheTo: await getInputList('cache-to', true),
cgroupParent: core.getInput('cgroup-parent'),
context: core.getInput('context') || defaultContext, context: core.getInput('context') || defaultContext,
file: core.getInput('file'), file: core.getInput('file'),
labels: await getInputList('labels', true), labels: await getInputList('labels', true),
@ -80,9 +84,11 @@ export async function getInputs(defaultContext: string): Promise<Inputs> {
push: core.getBooleanInput('push'), push: core.getBooleanInput('push'),
secrets: await getInputList('secrets', true), secrets: await getInputList('secrets', true),
secretFiles: await getInputList('secret-files', true), secretFiles: await getInputList('secret-files', true),
shmSize: core.getInput('shm-size'),
ssh: await getInputList('ssh'), ssh: await getInputList('ssh'),
tags: await getInputList('tags'), tags: await getInputList('tags'),
target: core.getInput('target'), target: core.getInput('target'),
ulimit: await getInputList('ulimit', true),
githubToken: core.getInput('github-token') githubToken: core.getInput('github-token')
}; };
} }
@ -90,46 +96,43 @@ export async function getInputs(defaultContext: string): Promise<Inputs> {
export async function getArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> { export async function getArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
let args: Array<string> = ['buildx']; let args: Array<string> = ['buildx'];
args.push.apply(args, await getBuildArgs(inputs, defaultContext, buildxVersion)); args.push.apply(args, await getBuildArgs(inputs, defaultContext, buildxVersion));
args.push.apply(args, await getCommonArgs(inputs)); args.push.apply(args, await getCommonArgs(inputs, buildxVersion));
args.push(inputs.context); args.push(inputs.context);
return args; return args;
} }
async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> { async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
let args: Array<string> = ['build']; let args: Array<string> = ['build'];
await asyncForEach(inputs.buildArgs, async buildArg => {
args.push('--build-arg', buildArg);
});
await asyncForEach(inputs.labels, async label => {
args.push('--label', label);
});
await asyncForEach(inputs.tags, async tag => {
args.push('--tag', tag);
});
if (inputs.target) {
args.push('--target', inputs.target);
}
if (inputs.allow.length > 0) { if (inputs.allow.length > 0) {
args.push('--allow', inputs.allow.join(',')); args.push('--allow', inputs.allow.join(','));
} }
if (inputs.platforms.length > 0) { await asyncForEach(inputs.buildArgs, async buildArg => {
args.push('--platform', inputs.platforms.join(',')); args.push('--build-arg', buildArg);
}
await asyncForEach(inputs.outputs, async output => {
args.push('--output', output);
}); });
if (!buildx.isLocalOrTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || buildx.satisfies(buildxVersion, '>=0.4.2'))) {
args.push('--iidfile', await buildx.getImageIDFile());
}
if (buildx.satisfies(buildxVersion, '>=0.6.0')) {
args.push('--metadata-file', await buildx.getMetadataFile());
}
await asyncForEach(inputs.cacheFrom, async cacheFrom => { await asyncForEach(inputs.cacheFrom, async cacheFrom => {
args.push('--cache-from', cacheFrom); args.push('--cache-from', cacheFrom);
}); });
await asyncForEach(inputs.cacheTo, async cacheTo => { await asyncForEach(inputs.cacheTo, async cacheTo => {
args.push('--cache-to', cacheTo); args.push('--cache-to', cacheTo);
}); });
if (inputs.cgroupParent) {
args.push('--cgroup-parent', inputs.cgroupParent);
}
if (inputs.file) {
args.push('--file', inputs.file);
}
if (!buildx.isLocalOrTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || buildx.satisfies(buildxVersion, '>=0.4.2'))) {
args.push('--iidfile', await buildx.getImageIDFile());
}
await asyncForEach(inputs.labels, async label => {
args.push('--label', label);
});
await asyncForEach(inputs.outputs, async output => {
args.push('--output', output);
});
if (inputs.platforms.length > 0) {
args.push('--platform', inputs.platforms.join(','));
}
await asyncForEach(inputs.secrets, async secret => { await asyncForEach(inputs.secrets, async secret => {
try { try {
args.push('--secret', await buildx.getSecretString(secret)); args.push('--secret', await buildx.getSecretString(secret));
@ -147,32 +150,44 @@ async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersio
if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) { if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) {
args.push('--secret', await buildx.getSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`)); args.push('--secret', await buildx.getSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
} }
if (inputs.shmSize) {
args.push('--shm-size', inputs.shmSize);
}
await asyncForEach(inputs.ssh, async ssh => { await asyncForEach(inputs.ssh, async ssh => {
args.push('--ssh', ssh); args.push('--ssh', ssh);
}); });
if (inputs.file) { await asyncForEach(inputs.tags, async tag => {
args.push('--file', inputs.file); args.push('--tag', tag);
});
if (inputs.target) {
args.push('--target', inputs.target);
} }
await asyncForEach(inputs.ulimit, async ulimit => {
args.push('--ulimit', ulimit);
});
return args; return args;
} }
async function getCommonArgs(inputs: Inputs): Promise<Array<string>> { async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Array<string>> {
let args: Array<string> = []; let args: Array<string> = [];
if (inputs.noCache) {
args.push('--no-cache');
}
if (inputs.builder) { if (inputs.builder) {
args.push('--builder', inputs.builder); args.push('--builder', inputs.builder);
} }
if (inputs.pull) {
args.push('--pull');
}
if (inputs.load) { if (inputs.load) {
args.push('--load'); args.push('--load');
} }
if (buildx.satisfies(buildxVersion, '>=0.6.0')) {
args.push('--metadata-file', await buildx.getMetadataFile());
}
if (inputs.network) { if (inputs.network) {
args.push('--network', inputs.network); args.push('--network', inputs.network);
} }
if (inputs.noCache) {
args.push('--no-cache');
}
if (inputs.pull) {
args.push('--pull');
}
if (inputs.push) { if (inputs.push) {
args.push('--push'); args.push('--push');
} }

2
test/cgroup.Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM alpine
RUN cat /proc/self/cgroup

2
test/shmsize.Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM busybox
RUN mount | grep /dev/shm

2
test/ulimit.Dockerfile Normal file
View File

@ -0,0 +1,2 @@
FROM busybox
RUN ulimit -a